In article <8597@rpp386.Dallas.TX.US> jfh@rpp386.Dallas.TX.US (John F. Haugh II) writes:
>It would be so nice if someone would undertake a security audit to
>insure that work other college students did, which *is* currently
>in production, doesn't contain any surprizes.
>Our friendly enchilada may not be the only prankster out there ...
I sincerely hope you are not making a general statement about college
students. I take great pride in the fact that UDel allows some students
to work at the system level, even in system administration, I happen
to be one of those students and have taken slight offense to the recent
messages that seem to knock college students as being like RTM. Not
all of us write worms and think about how to break security in our spare
time.

the computer aided engineering network (caen) at the university of michigan depends
on a core of 23 fulltime professionals and a roughly equal number of "student"
professionals to maintain our network of 500+ apollos, 50+ suns, 350 macs and maciis
and assorted ibm machines. the distinction is mostly an artificial one, emphasizing
a difference in pay, rather than responsibility or skill. these students are help
maintain basic systems services, software development and (perhaps not surprisingly)
systems security. they are routinely given the root password and determine with
the rest of the systems group who else also requires its use. there has never been
any question of their integrity.

the suggestion that college students are any more unreliable as a group than, for
example, professional systems staff, is unfounded. people respond as they are treated;
if treated as responsible members of the computing community, in general, they will
respond in kind. if constantly placed in an adversarial role, they become your nemesis.